Computer systems of the Clay Center Public Utilities in Kansas were forced offline as the result of a ransomware attack by hackers determined to be located in Russia, according to reports.
The utility was threatened with potential data destruction if they did not succumb to the attacker’s attempt to extort funds after malware infected systems used for accounting, involving scheduling, budgeting and billing, but no critical control systems were affected.
The malware was first detected on CCPU superintendent Bill Callaway’s home system, and was responsible for destroying some data files including pictures on the system.
“They give you 100 hours to send them $300,” Callaway said of the plot that hinged on malware delivered by way of an e-mail from North Central Kansas Communications Net.
An expert involved in mitigating the attack said the malware used had been detected in similar attacks worldwide.
“He’s been on the internet talking to people in Indonesia, Europe, Germany, all over the world. He talked to seven or eight people who paid the ransom and the computers were unlocked and five or six who paid the ransom and nothing happened,” Callaway said.
“The key is randomly selected and no two bugs are the same. Another unusual thing is the attack came through e-mail. Usually the attacks bypass e-mail.”
Read More Here…